On Jan 31, 2008 9:29 PM, Jeff Larsen <jlar310 at gmail.com> wrote: > Microsoft Services For UNIX or 2003R2 support UNIX attributes in > Active Directory. It adds a new tab in the user account properties > where you can specify login shell, home directory, uid, gid. > > On the CentOS side use nss_ldap. > > This is a true single sign-on configuration with no /etc/passwd monkey > business. We use it for database application auth and limited shell > access. It just works, failures are rare. So is it possible to use nss_ldap with MS-AD if the Services for Unix are not installed? Or do you still have to resort to "/etc/password monkey business"? (I'm all for eliminating the monkey business, but I don't think my AD is going to get SFU. Mike